Application Control Bypass for Data Exfiltration https://isc.sans.edu/diary/Application%20Control%20Bypass%20for%20Data%20Exfiltration/32850 Axios NPM Module Supply Chain Compromise https://www.stepsecurity.io/blog/axios-compromised-on-npm-malicious-versions-drop-remote-access-trojan https://www.linkedin.com/events/7444763050819092480/ TeamPCP vs. Cloud Resources https://www.wiz.io/blog/tracking-teampcp-investigating-post-compromise-attacks-seen-in-the-wild
Honeypot Session Lifetime https://isc.sans.edu/diary/DShield%20%28Cowrie%29%20Honeypot%20Stats%20and%20When%20Sessions%20Disconnect/32840 Let s Encrypt Tests Mass Revocation https://community.letsencrypt.org/t/lets-encrypt-2026-mass-revocation-simulation/245960 https://www.certkit.io/blog/ari-solves-mass-certificate-revocation https://www.certkit.io/blog/lets-encrypt-mass-revocation-simulation F5 Vulnerability Re-Classified (and already exploited) as RCE https://my.f5.com/manage/s/article/K000156741
TeamPCP Update #2: Telnyx PyPi Compromise https://isc.sans.edu/diary/TeamPCP%20Supply%20Chain%20Campaign%3A%20Update%20002%20-%20Telnyx%20PyPI%20Compromise%2C%20Vect%20Ransomware%20Mass%20Affiliate%20Program%2C%20and%20First%20Named%20Victim%20Claim/32838 Citrix Netscaler Vulnerability Details https://labs.watchtowr.com/the-sequels-are-never-as-good-but-were-still-in-pain-citrix-netscaler-cve-2026-3055-memory-overread/ macOS Clickfix Warning https://x.com/ClassicII_MrMac/status/2036797948911141129 Windows Smart Install https://textslashplain.com/2026/03/24/windows-choose-where-to-get-apps/
TeamPCP Supply Chain Campaign: Update 001 – Checkmarx Scope Wider Than Reported, CISA KEV Entry, and Detection Tools Available https://isc.sans.edu/diary/TeamPCP%20Supply%20Chain%20Campaign%3A%20Update%20001%20-%20Checkmarx%20Scope%20Wider%20Than%20Reported%2C%20CISA%20KEV%20Entry%2C%20and%20Detection%20Tools%20Available/32834 DarkSword and This Weeks iOS Updates https://cloud.google.com/blog/topics/threat-intelligence/darksword-ios-exploit-chain LangFlow Exploited https://www.cisa.gov/news-events/alerts/2026/03/25/cisa-adds-one-known-exploited-vulnerability-catalog
Im neu angekündigten Sci-Fi-Taktikspiel Arbiter 131 übernehmt ihr das Kommando über eine futuristische Spezialeinheit in der düsteren Megametropole Arkadia. Aus der Vogelperspektive plant ihr komplexe Razzien, zeichnet Laufwege für eure Einheiten ein und stürmt in Echtzeit feindliche Gebäude. Dabei verzichten die Entwickler von Ikon komplett auf magische Röntgenblicke oder eine allwissende Kamera. Ihr steuert euer […]
Apple Patches (almost) everything again. March 2026 edition. https://isc.sans.edu/diary/Apple%20Patches%20%28almost%29%20everything%20again.%20March%202026%20edition./32830 SmartApeSG campaign pushes Remcos RAT, NetSupport RAT, StealC, and Sectop RAT (ArechClient2) https://isc.sans.edu/diary/SmartApeSG%20campaign%20pushes%20Remcos%20RAT%2C%20NetSupport%20RAT%2C%20StealC%2C%20and%20Sectop%20RAT%20%28ArechClient2%29/32826 Trivy/LiteLLM/TeamPCP Updates https://www.sans.org/webcasts/when-security-scanner-became-weapon https://rosesecurity.dev/2026/03/24/sha-pinning-is-not-enough.html Google Moves Up Quantum Crypto Deadline https://blog.google/innovation-and-ai/technology/safety-security/cryptography-migration-timeline/
— Special Webcast about Trivy Supply Chain Attacks https://www.sans.org/webcasts/when-security-scanner-became-weapon — Detecting IP KVM Usage https://isc.sans.edu/diary/Detecting%20IP%20KVMs/32824 TeamPCP, Trivy, liteLLM, Iran and more https://www.aikido.dev/blog/teampcp-stage-payload-canisterworm-iran https://www.aquasec.com/blog/trivy-supply-chain-attack-what-you-need-to-know/ https://blog.gitguardian.com/trivys-march-supply-chain-attack-shows-where-secret-exposure-hurts-most/ https://www.sysdig.com/blog/teampcp-expands-supply-chain-compromise-spreads-from-trivy-to-checkmarx-github-actions
From W-2 to BYOVD: How a Tax Search Leads to Kernel-Mode AV/EDR Kill https://www.huntress.com/blog/w2-malvertising-to-kernel-mode-edr-kill NetScaler ADC and NetScaler Gateway Security Bulletin for CVE-2026-3055 and CVE-2026-4368 https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX696300 gRPC-Go Authorization bypass via missing leading slash in :path CVE-2026-33186 https://github.com/grpc/grpc-go/security/advisories/GHSA-p77j-4mvh-x3m3
GSocket Backdoor Delivered Through Bash Script https://isc.sans.edu/diary/GSocket+Backdoor+Delivered+Through+Bash+Script/32816/#comments Oracle Security Alert CVE-2026-Adresse geschuetzt https://blogs.oracle.com/security/alert-cve-2026-21992 Rockwell Automation Reiterates Customer Guidance to Disconnect Devices from the Internet and Harden PLCs to Protect from Cyber Threats https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1771.html